search external-link twitter facebook feed google-plus linkedin angle-left angle-right angle-up angle-down youtube-play
header-temp_08
The Hexadite Blog
Expert advice and round-the-web cyber security news to help secure your company. Get the latest industry insights delivered to your inbox.

Sign up and stay up-to-date.

Home>The Hexadite Blog>Security Orchestration and Automation>Nuance Drives Down Business Disruption, Automating Incident Response with Hexadite AIRS
Customer Case Studies / /
By Nathan Burke

Nuance Drives Down Business Disruption, Automating Incident Response with Hexadite AIRS

“When we first saw the technology from Hexadite, it seemed too good to be true. We tried the technology, and it all came true—it solved our problems and greatly reduced costs.”

Doug Graham, CISO
Nuance Communications

A market leader in changing the ways people interact with technology innovates incident response to drive efficiency.

Nuance Communications is changing the way people interact with technology by developing the most human, natural, and intuitive ways to take command of information by leveraging optical character recognition (OCR), speech and natural language understanding, and artificial intelligence. The information security team at Nuance has taken a similarly innovative approach to cybersecurity, seeing incident response as more than just a process solved by hiring more people and buying more tools.

“The challenges of scaling security resources to meet the volume of alerts is well understood by security practitioners,” said Doug Graham, Chief Information Security Officer at Nuance. “It’s easy to end up in a cycle where one buys more tools, gets more alerts and, despite working hard to correlate those alerts, still finds the volume of resulting actions staggering. Companies need to find ways to break this cycle or turn down the volume of alerts, as there will never be enough staff bandwidth to properly process every alert.”

BUILDING CYBERSECURITY INTO THE ORGANIZATIONAL DNA

The team at Nuance sees the discipline of cybersecurity not only as a function of IT, but as a company-wide priority.

“Information security needs to be everybody’s job. It’s easy to say that, and many companies do say it, but we have to build it into the DNA of the organization. The days are gone when it would be some specialist’s job to do security,” said Graham.

screen-shot-2017-01-10-at-10-10-02-amWith over 14,000 employees worldwide, it’s important to be able to automatically and remotely investigate and remediate threats on employee computers. Prior to automating a large proportion of these events, the IT and security staff at Nuance focused scarce resources on investigating, diagnosing, cleaning, and often reimaging computers resulting in higher costs and potential disruption to the affected employee.

“The environment today means that we’re seeing more alerts from more sources, and we were spending a lot of time, and cost on dispatching IT techs to deal with security incidents. This not only takes away from the ability to drive value to the business, but it’s an unattainable business model to scale.”

“Aside from the obvious functionality elements, whenever we evaluate security tools, we look for two must-have items,” said Graham. “First, will the tool be a force multiplier for efficiency or will it simply give someone else more work to do? Secondly, will the tool allow us to automate what is currently being done by people? To consider purchasing anything, both requirements must be met.”

To see how Nuance Communications automated low level security tasks to let people focus on high value initiatives, read the full case study here.

 

rsa-banner